Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/I69k8n2nkQtti482FWC_cxF7lDY.roa
File: I69k8n2nkQtti482FWC_cxF7lDY.roa (raw, json)
Hash identifier: tHBOzzV8R9wAEss9tauGm6ULPu1fU/20V6tTbFT0brA=
Subject key identifier: 23:AF:64:F2:7D:A7:91:0B:6D:8B:8F:36:15:60:BF:73:11:7B:94:36
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018506171CE7C1F5E1A7FA582122B8DB05F9
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/I69k8n2nkQtti482FWC_cxF7lDY.roa
Signing time: Mon 12 Dec 2022 11:27:36 +0000
ROA not before: Mon 12 Dec 2022 11:27:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41976
IP address blocks: 109.74.112.0/20 maxlen: 20
109.74.112.0/21 maxlen: 21
213.168.54.0/24 maxlen: 24
213.168.56.0/21 maxlen: 21
213.168.53.0/24 maxlen: 24
213.168.60.0/24 maxlen: 24
213.168.62.0/24 maxlen: 24
213.168.61.0/24 maxlen: 24
213.168.36.0/24 maxlen: 24
213.168.34.0/24 maxlen: 24
213.168.32.0/21 maxlen: 21
213.168.32.0/19 maxlen: 19
213.168.43.0/24 maxlen: 24
213.168.40.0/21 maxlen: 21
213.168.47.0/24 maxlen: 24
213.168.46.0/24 maxlen: 24
213.168.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:17:1c:e7:c1:f5:e1:a7:fa:58:21:22:b8:db:05:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 11:27:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23af64f27da7910b6d8b8f361560bf73117b9436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:75:78:d3:ef:b8:ab:f7:be:91:2b:f0:8e:fc:
89:86:50:f5:91:db:70:28:28:b2:b8:d3:a5:da:be:
0e:b3:3f:b6:36:06:b6:30:f3:ea:8f:97:9a:17:39:
e1:18:c9:82:54:e3:29:6e:ba:79:b7:dc:75:eb:48:
13:bc:42:c6:2c:05:17:ec:8f:22:3a:35:83:7a:27:
79:41:09:d9:14:05:d5:7f:21:e3:d5:ad:b0:1b:14:
d9:75:fa:aa:eb:ee:36:38:d8:66:34:ae:a3:a2:cb:
b8:3c:38:91:a2:46:e4:c9:dd:75:1a:0a:31:a8:a5:
05:a4:fd:76:bc:e6:e1:88:4f:f9:b7:fb:4e:fc:e8:
6e:1c:2b:23:ab:96:d9:c1:da:4b:10:46:fe:64:6d:
7b:99:a0:69:a3:3d:01:ae:da:82:2b:df:28:bd:5e:
5c:24:76:38:1b:a3:a1:89:2b:7e:ee:bc:97:f1:f5:
ea:fe:cc:7c:16:f0:0b:a6:1f:27:08:6c:cf:97:24:
60:d8:92:17:a2:7e:11:68:94:62:f7:b5:52:6e:a2:
3f:e9:bc:56:63:16:2e:b7:81:9e:c5:92:6b:0d:45:
67:de:38:99:48:71:34:e1:95:62:f6:ad:d3:2e:44:
31:33:95:3a:05:14:d8:aa:b8:88:8f:e5:ba:21:34:
2e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AF:64:F2:7D:A7:91:0B:6D:8B:8F:36:15:60:BF:73:11:7B:94:36
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/I69k8n2nkQtti482FWC_cxF7lDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.112.0/20
213.168.32.0/19
Signature Algorithm: sha256WithRSAEncryption
10:fc:c8:de:aa:8b:9f:85:9e:6c:f0:e0:d1:37:61:90:46:c0:
d1:d1:6d:57:82:fd:ca:5a:96:0c:94:df:9d:b1:2c:39:71:10:
78:ac:4a:06:7a:1d:9a:43:6c:be:da:85:16:08:7a:69:dd:02:
af:c0:87:3f:8f:39:68:16:70:38:8c:ae:8a:41:7a:e4:19:e0:
07:2d:65:19:ca:25:b4:7d:14:bd:e4:b9:f2:4a:d6:72:a5:e1:
07:64:7f:a1:dd:e2:85:04:ed:50:26:60:7c:0c:93:ec:ef:b5:
19:0a:9e:2e:4a:3c:39:36:e1:02:2f:34:ef:4a:5a:fd:03:49:
38:b7:44:6b:a7:fa:7d:a3:75:bf:20:15:e6:0e:7c:85:03:4b:
5c:58:98:93:f8:71:90:c0:5c:d5:ad:2a:e4:1a:28:5f:5b:9d:
46:d8:dd:c1:ea:24:8b:92:57:b4:14:43:5f:68:63:37:95:fc:
0c:21:78:99:d7:fc:5b:b7:f2:e7:c3:63:2a:71:13:19:81:09:
7e:57:22:67:bc:bc:cc:3e:f0:df:fc:85:34:97:b9:41:28:74:
6f:a6:ad:03:f4:24:9d:b5:31:38:da:70:ad:0f:0a:5b:d6:df:
9d:16:7e:c0:cd:ce:cf:f2:42:60:bd:d9:0e:3c:15:3f:21:29:
8a:08:f6:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUGFxznwfXhp/pYISK42wX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTEyNzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FmNjRmMjdkYTc5MTBiNmQ4YjhmMzYxNTYwYmY3MzExN2I5NDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHV40++4q/e+kSvwjvyJhlD1kdtw
KCiyuNOl2r4Osz+2Nga2MPPqj5eaFznhGMmCVOMpbrp5t9x160gTvELGLAUX7I8i
OjWDeid5QQnZFAXVfyHj1a2wGxTZdfqq6+42ONhmNK6josu4PDiRokbkyd11Ggox
qKUFpP12vObhiE/5t/tO/OhuHCsjq5bZwdpLEEb+ZG17maBpoz0BrtqCK98ovV5c
JHY4G6OhiSt+7ryX8fXq/sx8FvALph8nCGzPlyRg2JIXon4RaJRi97VSbqI/6bxW
YxYut4GexZJrDUVn3jiZSHE04ZVi9q3TLkQxM5U6BRTYqriIj+W6ITQuZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCOvZPJ9p5ELbYuPNhVgv3MRe5Q2MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSTY5azhuMm5rUXR0aTQ4MkZXQ19jeEY3bERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEbUpwAwQF
1aggMA0GCSqGSIb3DQEBCwUAA4IBAQAQ/MjeqoufhZ5s8ODRN2GQRsDR0W1Xgv3K
WpYMlN+dsSw5cRB4rEoGeh2aQ2y+2oUWCHpp3QKvwIc/jzloFnA4jK6KQXrkGeAH
LWUZyiW0fRS95LnyStZypeEHZH+h3eKFBO1QJmB8DJPs77UZCp4uSjw5NuECLzTv
Slr9A0k4t0Rrp/p9o3W/IBXmDnyFA0tcWJiT+HGQwFzVrSrkGihfW51G2N3B6iSL
kle0FENfaGM3lfwMIXiZ1/xbt/Lnw2MqcRMZgQl+VyJnvLzMPvDf/IU0l7lBKHRv
pq0D9CSdtTE42nCtDwpb1t+dFn7Azc7P8kJgvdkOPBU/ISmKCPbZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:07 2025 by rpki-client